Publication Type

Conference Proceeding Article

Version

publishedVersion

Publication Date

7-2013

Abstract

Illegal cyberspace activities are increasing rapidly and many software engineers are using reverse engineering methods to respond to attacks. The security-sensitive nature of these tasks, such as the understanding of malware or the decryption of encrypted content, brings unique challenges to reverse engineering: work has to be done offline, files can rarely be shared, time pressure is immense, and there is a lack of tool and process support for capturing and sharing the knowledge obtained while trying to understand assembly code. To help us gain an understanding of this reverse engineering work, we conducted an exploratory study at a government research and development organization to explore their work processes, tools, and artifacts [1]. We have been using these findings to improve visualization and collaboration features in assembly reverse engineering tools. In this talk, we will present a review of the findings from our study, and present prototypes we have developed to improve capturing and sharing knowledge while analyzing security concerns.

Keywords

malware, reverse engineering, empirical study

Discipline

Software Engineering

Research Areas

Software and Cyber-Physical Systems

Publication

Proceedings of the 7th International Conference on Foundations of Augmented Cognition, Held as Part of HCI International 2013, Las Vegas, July 21-26

First Page

113

Last Page

122

ISBN

9783642394539

Identifier

10.1007/978-3-642-39454-6_12

Publisher

SpringerLink

City or Country

Verlag, Berlin

Additional URL

https://doi.org/10.1007/978-3-642-39454-6_12
